Asylo
Public Member Functions | Static Public Member Functions | List of all members
asylo::SgxLocalSecretSealer Class Reference

An implementation of the SecretSealer abstract interface that binds the secrets to the enclave identity on a local machine. More...

#include <sgx_local_secret_sealer.h>

Inheritance diagram for asylo::SgxLocalSecretSealer:
Inheritance graph
[legend]
Collaboration diagram for asylo::SgxLocalSecretSealer:
Collaboration graph
[legend]

Public Member Functions

 SgxLocalSecretSealer (const SgxLocalSecretSealer &other)=delete
 
virtual ~SgxLocalSecretSealer ()=default
 
SgxLocalSecretSealeroperator= (const SgxLocalSecretSealer &other)=delete
 
SealingRootType RootType () const override
 Gets the sealing root type of this SecretSealer. More...
 
std::string RootName () const override
 Gets the sealing root name of this SecretSealer. More...
 
std::vector< EnclaveIdentityExpectation > RootAcl () const override
 Gets the sealing root ACL of this SecretSealer. More...
 
Status SetDefaultHeader (SealedSecretHeader *header) const override
 Generates the default sealed-secret header based on the configuration of the SecretSealer and writes it to header. More...
 
Status Seal (const SealedSecretHeader &header, ByteContainerView additional_authenticated_data, ByteContainerView secret, SealedSecret *sealed_secret) override
 Seals the input per the header specification. More...
 
Status Unseal (const SealedSecret &sealed_secret, CleansingVector< uint8_t > *secret) override
 Unseals the sealed_secret and writes it to secret. More...
 
- Public Member Functions inherited from asylo::SecretSealer
 SecretSealer ()=default
 
virtual ~SecretSealer ()=default
 
virtual Status Reseal (const SealedSecret &old_sealed_secret, const SealedSecretHeader &new_header, SealedSecret *new_sealed_secret)
 Re-seals an already sealed secret to a new header. More...
 

Static Public Member Functions

static std::unique_ptr< SgxLocalSecretSealerCreateMrenclaveSecretSealer ()
 Creates an SgxLocalSecretSealer that seals secrets to the MRENCLAVE part of the enclave code identity. More...
 
static std::unique_ptr< SgxLocalSecretSealerCreateMrsignerSecretSealer ()
 Creates an SgxLocalSecretSealer that seals secrets to the MRSIGNER part of the enclave identity. More...
 
- Static Public Member Functions inherited from asylo::SecretSealer
static StatusOr< std::string > GenerateSealerId (SealingRootType type, const std::string &name)
 Combines the specified sealing root type and sealing root name to form a string. More...
 

Detailed Description

An implementation of the SecretSealer abstract interface that binds the secrets to the enclave identity on a local machine.

The secrets sealed by this sealer can only be unsealed on the same machine.

The SgxLocalSecretSealer can be configured to seal secrets either to MRENCLAVE or MRSIGNER. The SgxLocalSecretSealer class provides two factory methods–one that creates an SgxLocalSecretSealer configured to seal secrets to MRENCLAVE and another that creates an SgxLocalSecretSealer configured to seal secrets to MRSIGNER. In the MRENCLAVE-sealing mode, the default SealedSecretHeader generated by the sealer binds the secrets to the MRENCLAVE portion of the enclave's identity. In the MRSIGNER mode, the default SealedSecretHeader generated by the sealer binds the secrets to the MRSIGNER portion of the enclave's identity. In either mode, the sealed secret is bound to all bits of MISCSELECT, and all security-sensitive bits of ATTRIBUTES, as defined in secs_attributes.h.

Note that the SealedSecretHeader provided to the Seal() method also controls the cipher suite used for sealing the secret. The default setting of this field (as populated by SetDefaultHeader() ) is subject to change. As a result, users must not make any assumptions about the default cipher suite. If they wish to use a specific cipher suite, they must manually verify or override the cipher suite set by the SetDefaultHeader() method.

Sample usage for Seal():

std::unique_ptr<SgxLocalSecretSealer> sealer = CreateMrsignerSealer();
SealedSecretHeader header;
// Fill out the portions of the header that must be set by the client.
header.set_secret_name("my name");
header.set_secret_version("my version");
header.set_secret_purpose("my purpose");
// secret_handling_policy is a client-specific string, which, for example,
could be a serialized proto.
string secret_handling_policy = ...
header.set_secret_handling_policy(secret_handling_policy);
sealer->SetDefaultHeader(&header);
// Override fields in the default header, if desired.
...
// Generate the secret to be sealed.
std::vector<uint8_t, CleansingAllocator> secret = ...;
// Generate the additional authenticated data to be tied to the secret.
string additional_authenticated_data;
addtional_authenticated_data = ...
// Seal the secret and the additional authenticated data.
SealedSecret sealed_secret;
Status status = sealer->Seal(header, additional_authenticated_data,
secret, &sealed_secret);

Sample usage for Unseal():

std::unique_ptr<SgxLocalSecretSealer> sealer = CreateMrsignerSealer();
SealedSecret sealed_secret;
...
sealed_secret.ParseFromString(...);
std::vector<uint8_t, CleansingAllocator<uint8_t>> secret;
ASYLO_RETURN_IF_ERROR(sealer->Unseal(sealed_secret, secret));
// secret now holds the unsealed secret. The policy and
// additional_authenticated_data in the sealed_secret are now
// authenticated.

It should be noted that the SgxLocalSecretSealer's configuration only affects the default header generated by the sealer. Users can override the generated default header. A sealer in either MRENCLAVE or MRSIGNER configuration can unseal secrets that are sealed by a sealer in either configuration.

Constructor & Destructor Documentation

◆ SgxLocalSecretSealer()

asylo::SgxLocalSecretSealer::SgxLocalSecretSealer ( const SgxLocalSecretSealer other)
delete

◆ ~SgxLocalSecretSealer()

virtual asylo::SgxLocalSecretSealer::~SgxLocalSecretSealer ( )
virtualdefault

Member Function Documentation

◆ CreateMrenclaveSecretSealer()

static std::unique_ptr<SgxLocalSecretSealer> asylo::SgxLocalSecretSealer::CreateMrenclaveSecretSealer ( )
static

Creates an SgxLocalSecretSealer that seals secrets to the MRENCLAVE part of the enclave code identity.

Returns
A smart pointer that owns the created sealer.

◆ CreateMrsignerSecretSealer()

static std::unique_ptr<SgxLocalSecretSealer> asylo::SgxLocalSecretSealer::CreateMrsignerSecretSealer ( )
static

Creates an SgxLocalSecretSealer that seals secrets to the MRSIGNER part of the enclave identity.

Returns
A smart pointer that owns the created sealer.

◆ operator=()

SgxLocalSecretSealer& asylo::SgxLocalSecretSealer::operator= ( const SgxLocalSecretSealer other)
delete

◆ RootAcl()

std::vector<EnclaveIdentityExpectation> asylo::SgxLocalSecretSealer::RootAcl ( ) const
overridevirtual

Gets the sealing root ACL of this SecretSealer.

Returns
The sealing root ACL of this object.

Implements asylo::SecretSealer.

◆ RootName()

std::string asylo::SgxLocalSecretSealer::RootName ( ) const
overridevirtual

Gets the sealing root name of this SecretSealer.

Returns
The sealing root name of this class.

Implements asylo::SecretSealer.

◆ RootType()

SealingRootType asylo::SgxLocalSecretSealer::RootType ( ) const
overridevirtual

Gets the sealing root type of this SecretSealer.

Returns
The sealing root type of this class.

Implements asylo::SecretSealer.

◆ Seal()

Status asylo::SgxLocalSecretSealer::Seal ( const SealedSecretHeader &  header,
ByteContainerView  additional_authenticated_data,
ByteContainerView  secret,
SealedSecret *  sealed_secret 
)
overridevirtual

Seals the input per the header specification.

The header must have its secret_name, secret_version and secret_purpose fields populated. If any of the remaining fields in the header are populated, then they must be compatible with the underlying sealing root.

Parameters
headerThe metadata to guide the sealing.
additional_authenticated_dataUnencrypted data that is bundled with the sealed secret.
secretThe data to encrypt and seal.
[out]sealed_secretThe output sealed secret.
Returns
A non-OK status if sealing fails.

Implements asylo::SecretSealer.

◆ SetDefaultHeader()

Status asylo::SgxLocalSecretSealer::SetDefaultHeader ( SealedSecretHeader *  header) const
overridevirtual

Generates the default sealed-secret header based on the configuration of the SecretSealer and writes it to header.

Parameters
[out]headerThe destination for the default SealedSecretHeader value.
Returns
A non-OK status if a default cannot be set.

Implements asylo::SecretSealer.

◆ Unseal()

Status asylo::SgxLocalSecretSealer::Unseal ( const SealedSecret &  sealed_secret,
CleansingVector< uint8_t > *  secret 
)
overridevirtual

Unseals the sealed_secret and writes it to secret.

Parameters
sealed_secretThe input secret to unseal.
[out]secretThe destination for the unsealed secret.
Returns
A non-OK Status if unsealing fails.

Implements asylo::SecretSealer.


The documentation for this class was generated from the following file: